proactive security testing-protecting against tomorrow's threats today

Proactive Security TestingProactive Security Testing

Protecting Against Tomorrow's Threats TodayProtecting Against Tomorrow's Threats Today

Srihari Padmanabhan, Senior Research Analyst

Network and Application Security Testing Market

18, December 201218, December 2012

© 2012 Frost & Sullivan. All rights reserved. This document contains highly confidential information and is the sole property of Frost & Sullivan. No part of it may be circulated, quoted, copied or otherwise reproduced without the written approval of Frost & Sullivan.

Today’s Presenter

Five years of experience in strategy consulting and market research across communications test and

measurement market. This includes particular expertise in:

Srihari PadmanabhanSenior Research Analyst, Communications Test Group

Frost & Sullivan

2

measurement market. This includes particular expertise in:

- Market sizing and forecasting

- Providing recommendations for product entry, geographical expansion and market penetration

- Identifying industry best practices in the test and measurement market

- Experience base covering a broad range of sectors, leveraging long-standing working relationships with

leading industry participants’ Senior Executives

Focus Points

Market Overview

Market Drivers and Restraints

Top 10 Network and Application Security Trends

Impact of APTs and Zero-day Attacks

Conclusion

Q&A

3

Q&A

Poll Question

Which of the following trends will have the most impact on the network and application security testing market in 2013?

A. Network Security Consolidation

B. APTs and Zero-day Attacks

C. Increase in Nation-sponsored Attacks

4

D. Cloud security

Security Testing – Market Overview

Security Test SolutionsSpirent (Mu Dynamics) , Ixia (BreakingPoint Systems), Shenick Network Systems, Codenomicon.

SECURITY TESTING MARKET

$128.8

Million

$295.3 Million

2012 2016

5

Application Security ProductsHP, IBM, Codenomicon, Parasoft, Coverity, Cenzic, Klocwork etc.

Vulnerability Assessment McAfee, Qualys, Tenable Network Security, Rapid7, nCircle and several others.

$367.2 Million

$703.2 Million

$407.2 Million

$979.8Million

Market Drivers and Its ImpactM

ark

et

Dri

vers

1-2 years 3-5 years 6-10 years

Increase in Malware and Cyber attacks globally drives the demand for test solutions

Increase in the frequency and sophistication of attacks

Security Testing Market: Key Market Drivers (World), 2012

Growth in Internet services (e-banking and e-commerce) and increased mobility of the workforce

6

Mark

et

Dri

vers

City, state, and federal governments’ investments in security development

Impact: High Medium Low Source: Frost & Sullivan analysis.

increased mobility of the workforce

Regulatory and standardcompliance

Market Restraints and Its ImpactM

ark

et

Restr

ain

ts

1-2 years 3-5 years 6-10 years

Security Testing Market: Key Market Restraints (World), 2012

Rapid change in technology

7

Mark

et

Restr

ain

ts

Lack of awareness about the current threats and the solutions available in the market

Increase in the number of open-source solutions and managed security service providers

Budget allocation and spending on test solutions

Impact: High Medium Low

Source: Frost & Sullivan analysis.

2011 Security Incidents by Attack Type

8

Source: IBM

Top 10 Trends in Network and Application Security Testing

1. Hybrid Security Model and the growth of MSSPs

2. Convergence of Cyber security and business process

3. Investments on Critical National infrastructure by Regional Organizations

4. Impact of BYOD and workforce mobility

9

5. Mobile threats bypassing PCs

6. Cloud Security and evolution of IPv6

7. Nation-sponsored hacking through Advanced Persistent Threats (APT)

Hybrid Security Model and the Growth of MSSPs

10

Source: Frost & Sullivan analysis.

Hybrid Security Model and the Growth of MSSPs (Contd…)

11

Convergence of Cyber Security and Business Process

Data Loss Prevention Market: Revenues and Percent of Revenues by Vertical, Global, 2011

Security spending by business

organizations is expected to cross

$6 Billion by 2016. The following

factors drive the security spending

among SMB and Large businesses.

� Increase in adoption of cloud

� Penetration rate of BYOD

12

� Penetration rate of BYOD

programs

� Prevalence of data breaches

� Fear of losing reputation due to

exposed vulnerabilities

According to a recent survey by Frost & Sullivan, most businesses have already invested in

DLP solutions with 37 percent of the respondents planning to implement within the next 2

years. In addition, end-user segments such as BFSI and Government generated the most

revenues for the data loss prevention market in 2011.Source: Frost & Sullivan analysis.

Critical National Infrastructure (CNI)

13

Impact of BYOD and Workforce Mobility

73%of public sector organizations allow employees to use personal devices at work, highest in education (83%)

have a specific policy around the use of personal devices whilst 38% have loose guidelines

56%

14

organizations have experienced a security breach due to an employee owned device accessing the network

1 in 4

of organizations see BYOD and personal devices outnumbering enterprise devices, and becoming the norm in the next 3 years

51%Source: CISCO BYOD 2012 Survey

Mobile Threats Bypassing PCs

New Families and Variants Received Per Quarter

15

“ In 2013, people will purchase more than 1.2 billion mobile devices, surpassing PCs as the most common internet access device in the world. Mobile platforms will continue to expand at breakneck speed, as people are forecast to download over 70 billion mobile apps in 2014.”

- Lookout Mobile Security

Source: F-secure

Zero Day Attacks and APTs

16

“While the overall number of zero-day vulnerabilities is down, attacks using these vulnerabilities continue to be successful. The majority of these vulnerabilities are leveraged in targeted attacks. Adobe Flash and Reader vulnerabilities are widely used in targeted attacks and account for 50% of the zero-day vulnerabilities seen in 2011.”

- Symantec

Impact of Zero-day Attacks and APTs

17

“With advanced persistent threats, we have to start shifting our way of thinking from the

fortress model of security strategies. We have to be able to not only prevent, detect and

respond, but also live continuously in a compromised situation and still run operations.”

Chief Security Officer, Airtel

Next Steps

Develop Your Visionary and Innovative SkillsGrowth Partnership Service Share your growth thought leadership and ideas or

join our GIL Global Community

18

Join our GIL Community NewsletterKeep abreast of innovative growth opportunities

Your Feedback is Important to Us

Growth Forecasts?

Competitive Structure?

What would you like to see from Frost & Sullivan?

19

Emerging Trends?

Strategic Recommendations?

Other?

Please inform us by “Rating” this presentation.

Follow Frost & Sullivan on Facebook, LinkedIn, SlideShare, and Twitter

http://www.facebook.com/FrostandSullivan

http://www.linkedin.com/companies/4506

20

http://twitter.com/frost_sullivan

http://www.linkedin.com/companies/4506

http://www.slideshare.net/FrostandSullivan

For Additional Information

Jeannette Garcia

Corporate Communications

(210) 477-8427

jeannette.garcia@frost.com

Srihari Padmanabhan

Senior Research Analyst

Communications Test

+91-44-66814185

Srihari.Padmanabhan@frost.com

21

Olga Yashkova

Program Leader

Communications Test

(210) 247-3863

Olga.Yashkova@frost.com

Kiran Unni

Research Manager

Measurement & Instrumentation

(210) 247-2495

email@frost.com